Author: Eli Date: To: exim-users, exiscanusers Subject: [Exim] Idea for a per-recipient DATA ACL stage
I had sent an email to Avleen Vig (VExim) about some ideas for message
filtering per recipient at ACL time and mentioned this to him:
>> My only other thought - and I know that *tons* of people would love
>> something like this - was to have a new DATA ACL thing that would run
>> *after* the real DATA ACL but before the message is accepted finally. This >> DATA ACL would be completely identical to the normal DATA ACL except that it >> would run once per recipient and would allow $domain and $local_part in it. >> Since denying in this type of situation would mean a whole message deny, I >> was thinking that a deny would instead just remove the recpient in question >> from the receiving list quietly (sender not aware) - of course if it was the >> only recipient then it would send out an actual deny on the message. Now
>> although this type of ACL would probably be really cool and useful (no hacks >> for per user settings any more), it would also be the hardest to hack in to >> Exim I'm sure.
His response:
>That's very, very interesting. Please, talk to Tom Kistner about this
>and see what he thinks, as he maintains exiscan. I would love to see
>this 'quietly drop recipient' option.
So here she be :) I know that the concept obviously needs some more work
since I didn't mention everything that can happen, but I figured since Tom
was able to make a whole new ACL stage, maybe its time that a new ACL stage
get added (rather than share the same stage as the current MIME ACL does).
Now I know for fact that this has been discussed excessively, probably long
before I ever joined the exim and exiscan lists, but the fact that so many
people seem to always mention it means it should be added in my view. The
only reason that something like this doesn't exist right now is because
everyone says that you can't since there can be multiple recipients at the
DATA stage (well that and nobody's actually decided to code it :)). So this
is kind of where my idea kicks in...
As you can probably gather from the quoted text, it's just the same as the
normal DATA ACL (not like the MIME ACL) but it is run through for each
recipient so that $local_part and $domain are filled with the current
recipient. Now obviously if a message has several hundred recipients then
this could take up quite a bit of time to run through depending on what is
in the ACL. This would mean that the user would have to be concious of the
SMTP timeouts between stages to make sure that they don't time out anywhere.
However, with the potential baddies of adding this, there is too much good
that can come of it to ignore. No more "one recipient at a time" hacks to
have per user spam or anti virus settings - no more restrictions for per
domain/user level anything any more!
Personally though, my big reason for mentioning something like this (and
hoping that the idea is followed through!) is that it would allow other
message filtering to be done at ACL time as well that was per domain/user
specific.
I'm still working on some alternative methods for what I need to accomplish
(I'm eyeing the local_scan stuff, but I'd have to learn more about Exim
internals before I venture into that forest), but I think this would be a
nice feature to have regardless, especially avoiding all those confused
people who want to use $domain and $local_part at DATA time :)
